Man-in-the-Middle Vulnerability in IBM Tivoli Identity Manager and Security Identity Manager
CVE-2014-6108
5.9MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 20 April 2018
Summary
An unencrypted connection in IBM Tivoli Identity Manager and Security Identity Manager can be exploited by attackers to intercept sensitive data. This flaw exists in multiple versions of the software, where improper handling of secured interfaces allows the potential for sensitive information leakage, making it crucial for organizations using affected products to implement immediate security measures to protect their systems.
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved